Read the original article: Apache Velocity XSS Vulnerability Affects Gov Sites
BleepingComputer reported that an undisclosed but currently patched cross-site scripting vulnerability in the open source Apache Velocity Tools codebase has been documented by Jackson Henry of the Sakura Samurai ethical hacking group. The vulnerability was reported last November and an update to fix the problem was quietly published to the project’s public GitHub page soon […]
The post Apache Velocity XSS Vulnerability Affects Gov Sites appeared first on Binary Defense.
Read the original article: Apache Velocity XSS Vulnerability Affects Gov Sites